const logger = require('../utils/logger')
module.exports = (roles = []) => async (ctx, next) => {
  if (roles.length && roles.includes(ctx.state.user.role)) {
    await next()
  } else {
    logger.info('权限不被允许 ', roles, ctx.state.user)
    ctx.response.status = 403;
    ctx.response.body = {
      message: '权限不被允许'
    }
  }
}